Merge pull request #8434 from valeriosetti/issue8407

[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00 · 2023-11-04 15:05:00 +00:00 · 8b6b41f6cd
commit 8b6b41f6cd
parent c5ce9fcf03 74d48c89fa
8 changed files with 608 additions and 444 deletions
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -271,6 +271,7 @@ int main(void)
 #else
 #define USAGE_PSK ""
 #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
+
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
 #define USAGE_CA_CALLBACK                       \
    "   ca_callback=%%d       default: 0 (disabled)\n"      \
@ -278,13 +279,21 @@ int main(void)
 #else
 #define USAGE_CA_CALLBACK ""
 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
+
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C)
+#if defined(MBEDTLS_CIPHER_C)
 #define USAGE_TICKETS                                       \
    "    tickets=%%d          default: 1 (enabled)\n"       \
    "    ticket_rotate=%%d    default: 0 (disabled)\n"      \
    "    ticket_timeout=%%d   default: 86400 (one day)\n"   \
    "    ticket_aead=%%s      default: \"AES-256-GCM\"\n"
-#else
+#else /* MBEDTLS_CIPHER_C */
+#define USAGE_TICKETS                                       \
+    "    tickets=%%d          default: 1 (enabled)\n"       \
+    "    ticket_rotate=%%d    default: 0 (disabled)\n"      \
+    "    ticket_timeout=%%d   default: 86400 (one day)\n"
+#endif /* MBEDTLS_CIPHER_C */
+#else /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */
 #define USAGE_TICKETS ""
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */

@ -2134,14 +2143,18 @@ usage:
            if (opt.ticket_timeout < 0) {
                goto usage;
            }
-        } else if (strcmp(p, "ticket_aead") == 0) {
+        }
+#if defined(MBEDTLS_CIPHER_C)
+        else if (strcmp(p, "ticket_aead") == 0) {
            const mbedtls_cipher_info_t *ci = mbedtls_cipher_info_from_string(q);

            if (ci == NULL) {
                goto usage;
            }
            opt.ticket_aead = mbedtls_cipher_info_get_type(ci);
-        } else if (strcmp(p, "cache_max") == 0) {
+        }
+#endif
+        else if (strcmp(p, "cache_max") == 0) {
            opt.cache_max = atoi(q);
            if (opt.cache_max < 0) {
                goto usage;